This is an automated archive.
The original was posted on /r/sysadmin by /u/Bregirn on 2023-08-18 00:01:32+00:00.
I'm a lead engineer with a realtively large tech company, my role is mainly implementing new systems and mitigating security risks. My IT manager came to me the other day with an interesting question and I was a little stumped to come up with a good answer at first.
"If you had unlimited funds to spend on security/IT improvements, what would you suggest we do?"
To preface this, we are a relatively proactive company working to constantly advance security, there is a large board meeting coming up and the CIO posed this question to the manager. I'll give a bit of background on where we are now...
- Full Azure AD, no On-prem
- Devices are AD Joined using autopilot.
- Fully E5 licensed and using almost all key security features.
- Actively monitoring Defender for Endpoint for vulnerabilities and patching them rapidly.
- Using SIEM with a 24/7 monitoring team to track risks in AD, Devices and connected services.
- Mostly remote users with laptops, all via a Cloud Network Gateway firewall
I understand it would be even harder not knowing more about the company and I can provide a bit more context if needed.
One of my thoughts was to spend more on training IT and security teams up on latest certifications, since that's probably going to have the biggest flow on effect.
What are some of the big spend improvements you would love to do but are held back due to costs?